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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 IVIONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days vnW be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)^ Responsive to communication(s) filed on 19 July 2004 . 
2a)S This action is FINAL. 2b)n This action is non-final. 

3) 0 Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex pa/te Quay/e, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-52 is/are pending in the application. 

4a) Of the above claim(s) 1-27 is/are withdrawn from consideration. 

5) 0 Claim(s) is/are allowed. 

6) IEI Claim(s) 28-52 is/are rejected. 
?)□ Claim(s) is/are objected to. 

8) n Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) n The specification is objected to by the Examiner. 

10)0 The drawing{s) filed on is/are: a)D accepted or b)n objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
11 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12)n Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)n All b)n Some * c)^ None of: 

1 .□ Certified copies of the priority documents have been received. 

2. n Certified copies of the priority documents have been received in Application No. . 

3. n Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 



Attachment(s) 

1) K Notice of References Cited (PTO-892) 4) □ Inten/iew Summary (PTO-413) 

2) □ Notice of Draftsperson's Patent Drawing Review (PTO-948) Paper No(s)/Mail Date. . ■ 

3) □ Information Disclosure Statement(s) (PTO-1449 or PTO/SB/08) 5) □ Notice of Informal Patent Application (PTO-1 52) 

Paper No(s)/Mail Date . 6) □ Other: . 



U.S. Patent and Trademartt Office 
PTOL-326 (Rev. 1-04) 



Office Action Summary 



Part of Paper No./Mail Date 0 
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DETAILED ACTION 



1. 



The amendment filed on 19 July 2004 is noted and made of record. 



2. 



Claims 1-52 have been presented for examination. 



3. 



Claims 1-27 have been cancelled as per the Applicant's request. 



Response to Arguments 



4, 



Applicant's arguments with respect to claims 1 1-27 have been considered but are moot in 



view of the new ground(s) of rejection. 



5. 



See further rejections that follow. 



Claim Rejections - 35 USC § 103 



6. The text of those sections of Title 35, U.S. Code not included in this action can be found 
in a prior Office action. 

7. Claims 28, 35, 41, and 47 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
U.S. Patent No. 6, 658,568 to Ginter et al, hereinafter Ginter, in view of U.S. Patent No. 
6,816,900 to Vogel et al., hereinafter Vogel, and further in view of U.S. Patent No. 6,233,341 to 
Riggins, hereinafter Riggins. 

8. As per claims 28, 35, 41 and 47, Ginter discloses a method for automatically obtaining a 
second certificate for a user using a first certificate, comprising: 

accessing a registration server using the first certificate of the user to create a connection 
that authenticates the user's identity via the user's first certificate (Figure 5 IE [blocks 500a, 
500b], column 85, lines 11-15); 

forwarding a request for the second certificate fi-om the user server to the registration 
server (column 85, lines 1 1-15); 
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determining in the registration server that the user is entitled to the second certificate 
(column 85, lines 11-15); 

forwarding a request from the registration server to an authority (Figure 5 IE, column 86); 
forwarding the second certificate from the another authority to a directory (Figure 52). 

9. Ginter does not disclose authenticating both the user's server identity via a server 
certificate of the user serve and the user's identity via the user's first certificate; 

creating a secure data channel between the registration server and the user server; 
an authority to generate a private/public key pair; 

sending the private key to the user from the authority via the secure data channel; 
sending the public key from the authority to another authority to be signed. 

10. Vogel discloses authenticating based on multiple certificates (column 4, lines 19-37); and 
creating a secure data connection (column 4, lines 19-37). 

11. It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to authenticate based on multiple certificates and establish a secure connection 
therefrom, since Vogel states at column 4, lines 31-37 that such a modification deny access to 
users that could not verify the server identity thereby keeping malicious users from obtaining a 
second certificate. 

12. Riggins discloses an authority for generating a private/public key pair, sending the 
private key to the user, and signing the public key (column 1, lines 54-67). 

13. It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to include an authority for generating a private/public key pair, sending the private key 
to the user, and signing the public key, since Riggins states at column 1, lines 40-53 that such a 
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modification would utilize a well known and established method of recognizing entities 
participating in electronic transactions. 

14. Claim 29 is rejected under 35 U.S.C. 103(a) as being unpatentable over Ginter in view of 
Vogel in view of Riggins as appHed above, in further view of U.S. Patent 6,108,788 to Moses et 
al., hereinafter Moses. 

15. Regarding claim 29, Ginter, Vogel, and Riggins do not disclose sending a backup copy of 
the private key from the authority to a key recovery authority. 

16. Moses discloses providing a backup copy of the private key (colunrm 6, Unes 1-14). 

17. It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to provide for a backup copy of the private key, since Moses discloses at column 6, 
lines 1-14 that such a modification would provide additional security. 

18. Claims 30-34, 36-40, 42-46, and 48-52 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Ginter in view of Vogel in view of Riggins as applied above, in further view 
of U.S. Patent 5,373,561 to Haber et al., hereinafter Haber. 

19. Regarding claims 30, 36, 42, and 48, Ginter, Vogel and Riggins do not teach wherein the 
first certificate comprises a signature certificate. 

20. Haber discloses a system for certifying or validating the existence or occurrence of a 
recorded document or event by relying upon cryptographic assumptions to establish the basis for 
such a certification or validafion (col. 1, lines 6-10). Haber teaches extending the reliability of 
any type of certificate (i.e. signature certificate or encryption certificate) (col. 2, lines 51-54) by 
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generating a new certificate from a combination of the original certificate and the original digital 
document (col. 2, lines 3-26). 

21 . Therefore it would have been obvious to one of ordinary skill in the art at the time of 
Applicant's invention to modify the combination of Ginter and Riggins with the teachings of 
Haber to include that the first certificate comprises a signature certificate with the motivation to 
extend the validity of the original certificate (Haber col. 1, lines 53-56). 

22. Regarding claims 31, 37, 43, and 49, Ginter, Vogel, and Riggins do not teach wherein the 
second certificate comprises an encryption certificate. 

23. Haber teaches extending the reliability of any type of certificate (i.e. signature certificate 
or encryption certificate) (col. 2, lines 51-54) by generating a new certificate from a combination 
of the original certificate and the original digital document (col. 2, lines 3-26). 

Therefore it would have been obvious to one of ordinary skill in the art at the time of Applicant's 
invention to modify the combination of Ginter and Riggins with the teachings of Haber to 
include that the second certificate comprises an encryption certificate with the motivation to 
extend the validity of the original certificate (Haber col. 1, lines 53-56). 

24. Regarding claims 32, 38, 44, and 50, Ginter, Vogel, and Riggins do not disclose wherein 
the first certificate comprises an expiring signature certificate and the second certificate 
comprises a replacement signature certificate. 
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25. Haber teaches extending the reliability of any type of certificate (i.e. signature certificate 
or encryption certificate) (col. 2, Unes 51-54) by generating a new certificate fi"om a combination 
of the original certificate and the original digital document (col. 2, lines 3-26). * 

26. Therefore it would have been obvious to one of ordinary skill in the art at the time of 
Applicant's invention to modify the combination of Ginter and Riggins with the teachings of 
Haber to include that the first certificate comprises an expiring signature certificate and the 
second certificate comprises a replacement signature certificate with the motivation to extend the 
validity of the original certificate (Haber col. 1, lines 53-56). 

27. Regarding claims 33, 39, 45, and 51, Ginter, Vogel, and Riggins do not teach wherein the 
first certificate comprises a signature certificate and the second certificate comprises a 
replacement encryption certificate. 

28. Haber teaches extending the reliability of any type of certificate (i.e. signature certificate 
or encryption certificate) (col. 2, lines 51-54) by generating a new certificate from a combination 
of the original certificate and the original digital document (col. 2, lines 3-26). 

29. Therefore it would have been obvious to one of ordinary skill in the art at the time of 
Applicant's invention to modify the combination of Ginter and Riggins with the teachings of 
Haber to include that the first certificate comprises a signature certificate and the second 
certificate comprises a replacement encryption certificate with the motivation to extend the 
validity of the original certificate (Haber col. 1, lines 53-56). 
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30. Regarding claims 34, 40, 46, and 52, Ginter, Vogel, and Riggins do not teach wherein the 
first certificate comprises a signature certificate and the second certificate comprises one of 
either the user's current encryption certificate or an expired encryption certificate of the user. 

3 1 . Haber teaches extending the reliability of any type of certificate (i.e. signature certificate 
or encryption certificate) (col. 2, lines 51-54) by generating a new certificate fi-om a combination 
of the original certificate and the original digital document (col. 2, lines 3-26). 

Therefore it would have been obvious to one of ordinary skill in the art at the time of Applicant's 
invention to modify the combination of Ginter and Riggins with the teachings of Haber to 
include that the first certificate comprises a signature certificate and the second certificate 
comprises one of either the user's current encryption certificate or an expired encryption 
certificate of the user with the motivation to extend the validity of the original certificate (Haber 
col. 1, lines 53-56). 

Conclusion 

32. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

33. The following patents are cited to further show the state of the art with respect to 
authenticating user and server certificates, such as: 

United States Patent No. 6,553,393 to Eilbott et al., which is cited to show pre-fetching 
external resources embedded objects in a markup language data stream. 

United States Patent No. 6,636,975 to Khidekel et al, which is cited to show accessing a 
secure resource using a certificate bound with authentication information. 
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United States Patent No. 6,643,744 to McGarvey, which is cited to show delegating 
authority in a public key authentication environment. 

United States Patent No. 6,304,974 to Samar, which is cited to show managing trusted 
certificates. 

United States Patent No. 6,785,729 to Overby, Jr. et al., which is cited to show 
authorizing a network user as entitled to access a node wherein authenticated certificate received 
from the user is mapped into the user identification and the user is presented with the opportunity 
to logon to the node only after the verification is successful. 

34. Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
AppHcant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

35. A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 

CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

36. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Christian La Forgia whose telephone number is (571) 272-3792. 
The examiner can normally be reached on Monday thru Thursday 7-5. 
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37. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

38. Information regarding the status of an application may be obtained from the Patent 
AppHcation Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

Christian LaForgia 
Patent Examiner 

Art Unit 2131 y^Ll 0 
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